| V-223015 | | The Internet Explorer warning about certificate address mismatch must be enforced. | This parameter warns users if the certificate being presented by the website is invalid. Since server certificates are used to validate the identity o... |
| V-223017 | | The Download signed ActiveX controls property must be disallowed (Internet zone). | Active X controls can contain potentially malicious code and must only be allowed to be downloaded from trusted sites. Signed code is better than unsi... |
| V-223018 | | The Download unsigned ActiveX controls property must be disallowed (Internet zone). | Unsigned code is potentially harmful, especially when coming from an untrusted zone. This policy setting allows you to manage whether users may downlo... |
| V-223019 | | The Initialize and script ActiveX controls not marked as safe property must be disallowed (Internet zone). | ActiveX controls that are not marked safe for scripting should not be executed. Although this is not a complete security measure for a control to be m... |
| V-223020 | | The Java permissions must be disallowed (Internet zone). | Java applications could contain malicious code; sites located in this security zone are more likely to be hosted by malicious individuals. This policy... |
| V-223021 | | Accessing data sources across domains must be disallowed (Internet zone). | The ability to access data zones across domains could cause the user to unknowingly access content hosted on an unauthorized server. Access to data so... |
| V-223022 | | Functionality to drag and drop or copy and paste files must be disallowed (Internet zone). | Content hosted on sites located in the Internet zone are likely to contain malicious payloads and therefore this feature should be blocked for this zo... |
| V-223023 | | Launching programs and files in IFRAME must be disallowed (Internet zone). | This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages... |
| V-223024 | | Navigating windows and frames across different domains must be disallowed (Internet zone). | Frames that navigate across different domains are a security concern, because the user may think they are accessing pages on one site while they are a... |
| V-223025 | | Userdata persistence must be disallowed (Internet zone). | Userdata persistence must have a level of protection based upon the site being accessed. It is possible for sites hosting malicious content to exploit... |
| V-223026 | | Clipboard operations via script must be disallowed (Internet zone). | A malicious script could use the clipboard in an undesirable manner, for example, if the user had recently copied confidential information to the clip... |
| V-223027 | | Logon options must be configured to prompt (Internet zone). | Users could submit credentials to servers operated by malicious individuals who could then attempt to connect to legitimate servers with those capture... |
| V-223028 | | Java permissions must be configured with High Safety (Intranet zone). | Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you enable this policy setti... |
| V-223029 | | Anti-Malware programs against ActiveX controls must be run for the Intranet zone. | This policy setting determines whether Internet Explorer runs Anti-Malware programs against ActiveX controls, to check if they're safe to load on page... |
| V-223030 | | Java permissions must be configured with High Safety (Trusted Sites zone). | Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you enable this policy setti... |
| V-223031 | | Anti-Malware programs against ActiveX controls must be run for the Trusted Sites zone. | This policy setting determines whether Internet Explorer runs Anti-Malware programs against ActiveX controls, to check if they're safe to load on page... |
| V-223032 | | Dragging of content from different domains within a window must be disallowed (Internet zone). | This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in the sa... |
| V-223033 | | Dragging of content from different domains across windows must be disallowed (Restricted Sites zone). | This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in differ... |
| V-223034 | | Internet Explorer Processes Restrict ActiveX Install must be enforced (Explorer). | Users often choose to install software such as ActiveX controls that are not permitted by their organization's security policy. Such software can pose... |
| V-223035 | | Internet Explorer Processes Restrict ActiveX Install must be enforced (iexplore). | Users often choose to install software such as ActiveX controls that are not permitted by their organization's security policy. Such software can pose... |
| V-223036 | | Dragging of content from different domains within a window must be disallowed (Restricted Sites zone). | This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in the sa... |
| V-223037 | | Anti-Malware programs against ActiveX controls must be run for the Internet zone. | This policy setting determines whether Internet Explorer runs Anti-Malware programs against ActiveX controls, to check if they're safe to load on page... |
| V-223038 | | Anti-Malware programs against ActiveX controls must be run for the Restricted Sites zone. | This policy setting determines whether Internet Explorer runs Anti-Malware programs against ActiveX controls, to check if they're safe to load on page... |
| V-223039 | | Prevent bypassing SmartScreen Filter warnings must be enabled. | This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter prevents the user from browsing to or ... |
| V-223040 | | Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the internet must be enabled. | This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter warns the user about executable files ... |
| V-223041 | | Prevent per-user installation of ActiveX controls must be enabled. | This policy setting allows you to prevent the installation of ActiveX controls on a per-user basis. If you enable this policy setting, ActiveX control... |
| V-223042 | | Prevent ignoring certificate errors option must be enabled. | This policy setting prevents the user from ignoring Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate errors that interrupt browsing... |
| V-223043 | | Turn on SmartScreen Filter scan option for the Internet Zone must be enabled. | This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content. If you enable this policy setting, SmartScreen... |
| V-223044 | | Turn on SmartScreen Filter scan option for the Restricted Sites Zone must be enabled. | This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content. If you enable this policy setting, SmartScreen... |
| V-223045 | | The Initialize and script ActiveX controls not marked as safe must be disallowed (Intranet Zone). | ActiveX controls that are not marked safe for scripting should not be executed. Although this is not a complete security measure for a control to be m... |
| V-223046 | | The Initialize and script ActiveX controls not marked as safe must be disallowed (Trusted Sites Zone). | ActiveX controls that are not marked safe for scripting should not be executed. Although this is not a complete security measure for a control to be m... |
| V-223048 | | Run once selection for running outdated ActiveX controls must be disabled. | This feature keeps ActiveX controls up to date and helps make them safer to use in Internet Explorer. Many ActiveX controls are not automatically upda... |
| V-223049 | | Enabling outdated ActiveX controls for Internet Explorer must be blocked. | This feature keeps ActiveX controls up to date and helps make them safer to use in Internet Explorer. Many ActiveX controls are not automatically upda... |
| V-223050 | | Use of the Tabular Data Control (TDC) ActiveX control must be disabled for the Internet Zone. | This policy setting determines whether users can run the Tabular Data Control (TDC) ActiveX control, based on security zone. By default, the TDC Activ... |
| V-223051 | | The Download signed ActiveX controls property must be disallowed (Restricted Sites zone). | ActiveX controls can contain potentially malicious code and must only be allowed to be downloaded from trusted sites. Signed code is better than unsig... |
| V-223052 | | Use of the Tabular Data Control (TDC) ActiveX control must be disabled for the Restricted Sites Zone. | This policy setting determines whether users can run the Tabular Data Control (TDC) ActiveX control, based on security zone. By default, the TDC Activ... |
| V-223053 | | VBScript must not be allowed to run in Internet Explorer (Internet zone). | This policy setting allows the management of whether VBScript can be run on pages from the specified zone in Internet Explorer. By selecting "Enable" ... |
| V-223054 | | The Download unsigned ActiveX controls property must be disallowed (Restricted Sites zone). | Unsigned code is potentially harmful, especially when coming from an untrusted zone. ActiveX controls can contain potentially malicious code and must ... |
| V-223055 | | VBScript must not be allowed to run in Internet Explorer (Restricted Sites zone). | This policy setting allows the management of whether VBScript can be run on pages from the specified zone in Internet Explorer. By selecting "Enable" ... |
| V-223057 | | The Initialize and script ActiveX controls not marked as safe property must be disallowed (Restricted Sites zone). | ActiveX controls not marked safe for scripting should not be executed. Although this is not a complete security measure for a control to be marked saf... |
| V-223058 | | ActiveX controls and plug-ins must be disallowed (Restricted Sites zone). | This policy setting allows you to manage whether ActiveX controls and plug-ins can be run on pages from the specified zone. ActiveX controls not marke... |
| V-223059 | | ActiveX controls marked safe for scripting must be disallowed (Restricted Sites zone). | This policy setting allows management of whether ActiveX controls marked safe for scripting can interact with a script. If you enable this policy sett... |
| V-223060 | | File downloads must be disallowed (Restricted Sites zone). | Sites located in the Restricted Sites Zone are more likely to contain malicious payloads and therefore downloads from this zone should be blocked. Fil... |
| V-223061 | | Java permissions must be disallowed (Restricted Sites zone). | Java applications could contain malicious code; sites located in this security zone are more likely to be hosted by malicious individuals. This policy... |
| V-223062 | | Accessing data sources across domains must be disallowed (Restricted Sites zone). | The ability to access data zones across domains could cause the user to unknowingly access content hosted on an unauthorized server. This policy setti... |
| V-223063 | | The Allow META REFRESH property must be disallowed (Restricted Sites zone). | It is possible that users will unknowingly be redirected to a site hosting malicious content. 'Allow META REFRESH' must have a level of protection bas... |
| V-223064 | | Functionality to drag and drop or copy and paste files must be disallowed (Restricted Sites zone). | Content hosted on sites located in the Restricted Sites zone are more likely to contain malicious payloads and therefore this feature should be blocke... |
| V-223065 | | Launching programs and files in IFRAME must be disallowed (Restricted Sites zone). | This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages... |
| V-223066 | | Navigating windows and frames across different domains must be disallowed (Restricted Sites zone). | Frames navigating across different domains are a security concern, because the user may think they are accessing pages on one site while they are actu... |
| V-223067 | | Userdata persistence must be disallowed (Restricted Sites zone). | Userdata persistence must have a level of protection based upon the site being accessed. This policy setting allows you to manage the preservation of ... |
| V-223068 | | Active scripting must be disallowed (Restricted Sites Zone). | Active scripts hosted on sites located in this zone are more likely to contain malicious code. Active scripting must have a level of protection based ... |
| V-223069 | | Clipboard operations via script must be disallowed (Restricted Sites zone). | A malicious script could use the clipboard in an undesirable manner, for example, if the user had recently copied confidential information to the clip... |
| V-223070 | | Logon options must be configured and enforced (Restricted Sites zone). | Users could submit credentials to servers operated by malicious individuals who could then attempt to connect to legitimate servers with those capture... |
| V-223071 | | Configuring History setting must be set to 40 days. | This setting specifies the number of days that Internet Explorer keeps track of the pages viewed in the History List. The delete Browsing History opti... |
| V-223072 | | Internet Explorer must be set to disallow users to add/delete sites. | This setting prevents users from adding sites to various security zones. Users should not be able to add sites to different zones, as this could allow... |
| V-223073 | | Internet Explorer must be configured to disallow users to change policies. | Users who change their Internet Explorer security settings could enable the execution of dangerous types of code from the Internet and websites listed... |
| V-223074 | | Internet Explorer must be configured to use machine settings. | Users who change their Internet Explorer security settings could enable the execution of dangerous types of code from the Internet and websites listed... |
| V-223075 | | Security checking features must be enforced. | This policy setting turns off the Security Settings Check feature, which checks Internet Explorer security settings to determine when the settings put... |
| V-223076 | | Software must be disallowed to run or install with invalid signatures. | Microsoft ActiveX controls and file downloads often have digital signatures attached that certify the file's integrity and the identity of the signer ... |
| V-223077 | | The 64-bit tab processes, when running in Enhanced Protected Mode on 64-bit versions of Windows, must be turned on. | This policy setting determines whether Internet Explorer 11 uses 64-bit processes (for greater security) or 32-bit processes (for greater compatibilit... |
| V-223079 | | Checking for signatures on downloaded programs must be enforced. | This policy setting allows you to manage whether Internet Explorer checks for digital signatures (which identifies the publisher of signed software an... |
| V-223080 | | All network paths (UNCs) for Intranet sites must be disallowed. | Some UNC paths could refer to servers not managed by the organization, which means they could host malicious content; and therefore, it is safest to n... |
| V-223081 | | Script-initiated windows without size or position constraints must be disallowed (Internet zone). | This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows including the title and status bars. If you enabl... |
| V-223082 | | Script-initiated windows without size or position constraints must be disallowed (Restricted Sites zone). | This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows including the title and status bars. If you enabl... |
| V-223083 | | Scriptlets must be disallowed (Internet zone). | This policy setting allows you to manage whether scriptlets can be allowed. Scriptlets hosted on sites located in this zone are more likely to contain... |
| V-223084 | | Automatic prompting for file downloads must be disallowed (Internet zone). | This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive fi... |
| V-223085 | | Java permissions must be disallowed (Local Machine zone). | Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you enable this policy setti... |
| V-223086 | | Anti-Malware programs against ActiveX controls must be run for the Local Machine zone. | This policy setting determines whether Internet Explorer runs Anti-Malware programs against ActiveX controls, to check if they're safe to load on page... |
| V-223087 | | Java permissions must be disallowed (Locked Down Local Machine zone). | Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you enable this policy setti... |
| V-223088 | | Java permissions must be disallowed (Locked Down Intranet zone). | Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you enable this policy setti... |
| V-223089 | | Java permissions must be disallowed (Locked Down Trusted Sites zone). | Java applications could contain malicious code; sites located in this security zone are more likely to be hosted by malicious individuals. This policy... |
| V-223090 | | Java permissions must be disallowed (Locked Down Restricted Sites zone). | Java applications could contain malicious code. This policy setting allows you to manage permissions for Java applets. If you enable this policy setti... |
| V-223091 | | XAML files must be disallowed (Internet zone). | These are eXtensible Application Markup Language (XAML) files. XAML is an XML-based declarative markup language commonly used for creating rich user i... |
| V-223092 | | XAML files must be disallowed (Restricted Sites zone). | These are eXtensible Application Markup Language (XAML) files. XAML is an XML-based declarative markup language commonly used for creating rich user i... |
| V-223093 | | Protected Mode must be enforced (Internet zone). | Protected Mode protects Internet Explorer from exploited vulnerabilities by reducing the locations Internet Explorer can write to in the registry and ... |
| V-223094 | | Protected Mode must be enforced (Restricted Sites zone). | Protected Mode protects Internet Explorer from exploited vulnerabilities by reducing the locations Internet Explorer can write to in the registry and ... |
| V-223095 | | Pop-up Blocker must be enforced (Internet zone). | This policy setting allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are no... |
| V-223096 | | Pop-up Blocker must be enforced (Restricted Sites zone). | This policy setting allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are no... |
| V-223097 | | Websites in less privileged web content zones must be prevented from navigating into the Internet zone. | This policy setting allows a user to manage whether websites from less privileged zones, such as Restricted Sites, can navigate into the Internet zone... |
| V-223098 | | Websites in less privileged web content zones must be prevented from navigating into the Restricted Sites zone. | This policy setting allows you to manage whether websites from less privileged zones, such as Restricted Sites, can navigate into the Restricted zone.... |
| V-223099 | | Allow binary and script behaviors must be disallowed (Restricted Sites zone). | This policy setting allows you to manage dynamic binary and script behaviors of components that encapsulate specific functionality for HTML elements, ... |
| V-223100 | | Automatic prompting for file downloads must be disallowed (Restricted Sites zone). | This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive fi... |
| V-223101 | | Internet Explorer Processes for MIME handling must be enforced. (Reserved) | Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a web server... |
| V-223102 | | Internet Explorer Processes for MIME handling must be enforced (Explorer). | Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a web server... |
| V-223103 | | Internet Explorer Processes for MIME handling must be enforced (iexplore). | Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a web server... |
| V-223104 | | Internet Explorer Processes for MIME sniffing must be enforced (Reserved). | MIME sniffing is the process of examining the content of a MIME file to determine its context - whether it is a data file, an executable file, or some... |
| V-223105 | | Internet Explorer Processes for MIME sniffing must be enforced (Explorer). | MIME sniffing is the process of examining the content of a MIME file to determine its context - whether it is a data file, an executable file, or some... |
| V-223106 | | Internet Explorer Processes for MIME sniffing must be enforced (iexplore). | MIME sniffing is the process of examining the content of a MIME file to determine its context - whether it is a data file, an executable file, or some... |
| V-223107 | | Internet Explorer Processes for MK protocol must be enforced (Reserved). | The MK Protocol Security Restriction policy setting reduces attack surface area by blocking the seldom used MK protocol. Some older web applications u... |
| V-223108 | | Internet Explorer Processes for MK protocol must be enforced (Explorer). | The MK Protocol Security Restriction policy setting reduces attack surface area by blocking the seldom used MK protocol. Some older web applications u... |
| V-223109 | | Internet Explorer Processes for MK protocol must be enforced (iexplore). | The MK Protocol Security Restriction policy setting reduces attack surface area by blocking the seldom used MK protocol. Some older web applications u... |
| V-223110 | | Internet Explorer Processes for Zone Elevation must be enforced (Reserved). | Internet Explorer places restrictions on each web page it opens that are dependent upon the location of the web page (such as Internet Zone, Intranet ... |
| V-223111 | | Internet Explorer Processes for Zone Elevation must be enforced (Explorer). | Internet Explorer places restrictions on each web page it opens that are dependent upon the location of the web page (such as Internet Zone, Intranet ... |
| V-223112 | | Internet Explorer Processes for Zone Elevation must be enforced (iexplore). | Internet Explorer places restrictions on each web page it opens that are dependent upon the location of the web page (such as Internet Zone, Intranet ... |
| V-223113 | | Internet Explorer Processes for Restrict File Download must be enforced (Reserved). | In certain circumstances, websites can initiate file download prompts without interaction from users. This technique can allow websites to put unautho... |
| V-223114 | | Internet Explorer Processes for Restrict File Download must be enforced (Explorer). | In certain circumstances, websites can initiate file download prompts without interaction from users. This technique can allow websites to put unautho... |
| V-223115 | | Internet Explorer Processes for Restrict File Download must be enforced (iexplore). | In certain circumstances, websites can initiate file download prompts without interaction from users. This technique can allow websites to put unautho... |
| V-223116 | | Internet Explorer Processes for restricting pop-up windows must be enforced (Reserved). | Internet Explorer allows scripts to programmatically open, resize, and reposition various types of windows. Often, disreputable websites will resize w... |
| V-223117 | | Internet Explorer Processes for restricting pop-up windows must be enforced (Explorer). | Internet Explorer allows scripts to programmatically open, resize, and reposition various types of windows. Often, disreputable websites will resize w... |
| V-223118 | | Internet Explorer Processes for restricting pop-up windows must be enforced (iexplore). | Internet Explorer allows scripts to programmatically open, resize, and reposition various types of windows. Often, disreputable websites will resize w... |
| V-223119 | | .NET Framework-reliant components not signed with Authenticode must be disallowed to run (Restricted Sites Zone). | This policy setting allows you to manage whether .NET Framework-reliant components that are not signed with Authenticode can be executed from Internet... |
| V-223120 | | .NET Framework-reliant components signed with Authenticode must be disallowed to run (Restricted Sites Zone). | This policy setting allows you to manage whether .NET Framework-reliant components that are signed with Authenticode can be executed from Internet Exp... |
| V-223121 | | Scripting of Java applets must be disallowed (Restricted Sites zone). | This policy setting allows you to manage whether applets are exposed to scripts within the zone. If you enable this policy setting, scripts can access... |
| V-223122 | | AutoComplete feature for forms must be disallowed. | This AutoComplete feature suggests possible matches when users are filling in forms. It is possible that this feature will cache sensitive data and st... |
| V-223123 | | Crash Detection management must be enforced. | The 'Turn off Crash Detection' policy setting allows you to manage the crash detection feature of add-on management in Internet Explorer. A crash repo... |
| V-223124 | | Turn on the auto-complete feature for user names and passwords on forms must be disabled. | This policy setting controls automatic completion of fields in forms on web pages. It is possible that malware could be developed which would be able ... |
| V-223125 | | Managing SmartScreen Filter use must be enforced. | This setting is important from a security perspective because Microsoft has extensive data illustrating the positive impact the SmartScreen filter has... |
| V-223126 | | Browser must retain history on exit. | Delete Browsing History on exit automatically deletes specified items when the last browser window closes. Disabling this function will prevent users... |
| V-223127 | | Deleting websites that the user has visited must be disallowed. | This policy prevents users from deleting the history of websites the user has visited. If you enable this policy setting, websites the user has visite... |
| V-223128 | | InPrivate Browsing must be disallowed. | InPrivate Browsing lets the user control whether or not Internet Explorer saves the browsing history, cookies, and other data. User control of setting... |
| V-223129 | | Scripting of Internet Explorer WebBrowser control property must be disallowed (Internet zone). | This policy setting controls whether a page may control embedded WebBrowser control via script. Scripted code hosted on sites located in this zone is ... |
| V-223130 | | When uploading files to a server, the local directory path must be excluded (Internet zone). | This policy setting controls whether or not the local path information will be sent when uploading a file via a HTML form. If the local path informati... |
| V-223131 | | Internet Explorer Processes for Notification Bars must be enforced (Reserved). | This policy setting allows you to manage whether the Notification Bar is displayed for Internet Explorer processes when file or code installs are rest... |
| V-223132 | | Security Warning for unsafe files must be set to prompt (Internet zone). | This policy setting controls whether or not the 'Open File - Security Warning' message appears when the user tries to open executable files or other p... |
| V-223133 | | Internet Explorer Processes for Notification Bars must be enforced (Explorer). | This policy setting allows you to manage whether the Notification Bar is displayed for Internet Explorer processes when file or code installs are rest... |
| V-223134 | | ActiveX controls without prompt property must be used in approved domains only (Internet zone). | This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on websites other than the website that installed th... |
| V-223135 | | Internet Explorer Processes for Notification Bars must be enforced (iexplore). | This policy setting allows you to manage whether the Notification Bar is displayed for Internet Explorer processes when file or code installs are rest... |
| V-223136 | | Cross-Site Scripting Filter must be enforced (Internet zone). | The Cross-Site Scripting Filter is designed to prevent users from becoming victims of unintentional information disclosure. This setting controls if t... |
| V-223137 | | Scripting of Internet Explorer WebBrowser Control must be disallowed (Restricted Sites zone). | This policy setting controls whether a page may control embedded WebBrowser Control via script. Scripted code hosted on sites located in this zone is ... |
| V-223138 | | When uploading files to a server, the local directory path must be excluded (Restricted Sites zone). | This policy setting controls whether or not the local path information will be sent when uploading a file via a HTML form. If the local path informati... |
| V-223139 | | Security Warning for unsafe files must be disallowed (Restricted Sites zone). | This policy setting controls whether or not the 'Open File - Security Warning' message appears when the user tries to open executable files or other p... |
| V-223140 | | ActiveX controls without prompt property must be used in approved domains only (Restricted Sites zone). | This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on websites other than the website that installed th... |
| V-223141 | | Cross-Site Scripting Filter property must be enforced (Restricted Sites zone). | The Cross-Site Scripting Filter is designed to prevent users from becoming victims of unintentional information disclosure. This setting controls if t... |
| V-223142 | | Internet Explorer Processes Restrict ActiveX Install must be enforced (Reserved). | Users often choose to install software such as ActiveX controls that are not permitted by their organization's security policy. Such software can pose... |
| V-223143 | | Status bar updates via script must be disallowed (Internet zone). | This policy setting allows you to manage whether script is allowed to update the status bar within the zone. A script running in the zone could cause ... |
| V-223144 | | .NET Framework-reliant components not signed with Authenticode must be disallowed to run (Internet zone). | Unsigned components are more likely to contain malicious code and it is more difficult to determine the author of the application - therefore they sho... |
| V-223145 | | .NET Framework-reliant components signed with Authenticode must be disallowed to run (Internet zone). | It may be possible for someone to host malicious content on a website that takes advantage of these components. This policy setting allows you to mana... |
| V-223146 | | Scriptlets must be disallowed (Restricted Sites zone). | This policy setting allows you to manage whether scriptlets can be allowed. Scriptlets hosted on sites located in this zone are more likely to contain... |
| V-223147 | | Status bar updates via script must be disallowed (Restricted Sites zone). | A script running in the zone could cause false information to be displayed on the status bar, which could confuse the user and cause an undesirable ac... |
| V-223148 | | When Enhanced Protected Mode is enabled, ActiveX controls must be disallowed to run in Protected Mode. | This setting prevents ActiveX controls from running in Protected Mode when Enhanced Protected Mode is enabled. When a user has an ActiveX control inst... |
| V-223149 | | Dragging of content from different domains across windows must be disallowed (Internet zone). | This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in differ... |
| V-250540 | | Turn off Encryption Support must be enabled. | This parameter ensures only DoD-approved ciphers and algorithms are enabled for use by the web browser by allowing you to turn on/off support for TLS ... |
| V-250541 | | Allow Fallback to SSL 3.0 (Internet Explorer) must be disabled. | This parameter ensures only DoD-approved ciphers and algorithms are enabled for use by the web browser by blocking an insecure fallback to SSL when TL... |
| V-223016 | | Check for publishers certificate revocation must be enforced. | Check for publisher's certificate revocation options should be enforced to ensure all PKI signed objects are validated.
Satisfies: SRG-APP-000605... |
| V-223056 | | Internet Explorer Development Tools Must Be Disabled. | While the risk associated with browser development tools is more related to the proper design of a web application, a risk vector remains within the b... |
| V-223078 | | Checking for server certificate revocation must be enforced. | This policy setting allows you to manage whether Internet Explorer will check revocation status of servers' certificates. Certificates are revoked whe... |
| V-252910 | | The version of Internet Explorer running on the system must be a supported version. | Security flaws with software applications are discovered daily. Vendors are constantly updating and patching their products to address newly discovere... |
